webcp.hostinghacks.net/slackware | post install configuration
From this point on most of the commands can be run from a Putty window in a "cut-and-paste" style layout or copied to a script. Notes on Putty best practices can be found here.
If you didn't do so during the installation configure networking now:
netconfig
Enter an ip address and then exit 'netconfig'. The main thing here is to get Slackware to recognize your ethernet drivers.
/etc/rc.d/rc.inet1 stop /etc/rc.d/rc.inet1 start
At this point you should be able to log in remotely through a secure shell to finish networking and finalize the installation. (see http://hostinghacks.net/putty/ for details on issuing commands remotely).
configure ethø :
cat > /etc/rc.d/rc.inet1.conf << "EOF"
#
# This file contains the configuration settings for network interfaces.
# If USE_DHCP[interface] is set to "yes", this overrides any other settings.
# If you don't have an interface, leave the settings null ("").
# Config information for eth0:
IPADDR[0]="192.168.0.10"
NETMASK[0]="255.255.255.0"
USE_DHCP[0]=""
DHCP_HOSTNAME[0]=""
# Config information for eth1:
IPADDR[1]=""
NETMASK[1]=""
USE_DHCP[1]=""
DHCP_HOSTNAME[1]=""
# Config information for eth2:
IPADDR[2]=""
NETMASK[2]=""
USE_DHCP[2]=""
DHCP_HOSTNAME[2]=""
# Config information for eth3:
IPADDR[3]=""
NETMASK[3]=""
USE_DHCP[3]=""
DHCP_HOSTNAME[3]=""
# Default gateway IP address:
GATEWAY="192.168.0.1"
# Change this to "yes" for debugging output to stdout. Unfortunately,
# /sbin/hotplug seems to disable stdout so you'll only see debugging output
# when rc.inet1 is called directly.
DEBUG_ETH_UP="no"
EOF
hostname:
cat > /etc/HOSTNAME << "EOF" serv1.fatpenguinhosting.com EOF chmod 644 /etc/HOSTNAME
hostname --fqdnedit /etc/hosts:
cat > /etc/hosts << "EOF" 127.0.0.1 localhost 192.168.0.10 serv1.fatpenguinhosting.com serv1 192.168.0.10 fatpenguinhosting.com 192.168.0.5 xp-test-box EOF chmod 644 /etc/hosts
Configure internal or external resolvers. The choice here is whether you want your own server sending queries out on its own (bind has to be configured correctly) ; or you have other servers (provided by yourself or your ISP) that have agreed to do the job:
# option 1: external resolvers cat > /etc/resolv.conf << "EOF" nameserver 111.112.113.114 nameserver 111.112.113.115 EOF |
# option 2: internal resolvers cat > /etc/resolv.conf << "EOF" nameserver 127.0.0.1 EOF |
# option 3: combination cat > /etc/resolv.conf << "EOF" nameserver 127.0.0.1 nameserver 111.112.113.114 nameserver 111.112.113.115 EOF |
A combination (option #3) which first
checks to see if bind is enabled locally and then if not
will go out to other specified servers is also possible. The:
search fatpenguinhosting.com
option often found in a default resolv.conf file
has no real value for a Hosting Service Provider except to
cause unnecessary lookups.
Using a localhost resolver presents a small security risk if you have a system where users can affect the DNS server ( e.g. any control panel where users have the ability to add domains). It's a risk to use the local resolver because there are cases where a user could create a domain that isn't really controlled by them, and then redirect traffic because you are using the local server's DNS for queries.
For example: say that a domain hosted on your server utilizes a payment gateway "paygate.usa" for an ecommerce site. The server could be tricked into delivering the payment information by a user that added a bogus "paygate.usa" with a faked ip address to the system. However, most control panels only allow set ranges of ip addresses to be used during domain creation and payment transfers should be encrypted anyway so there are multiple layers that would have to be overcome to make a forged domain usable.
- set the timezone and syncronize the system time ; use ls /usr/share/zoneinfo to find your correct setting:
cat > /etc/hardwareclock << "EOF"
# run timeconfig to edit this file.
UTC
EOF
ln -sf /usr/share/zoneinfo/US/Pacific /etc/localtime
ntpdate 128.100.100.128
- Finalize the lilo boot loader configuration to make all disks bootable from the mbr ; in case of a disk failure each disk in the system is able to be placed as the first bootable disk:
cat > /etc/lilo.conf << "EOF" boot = /dev/md0 raid-extra-boot = mbr prompt timeout = 50 vga = normal image = /boot/vmlinuz root = /dev/md0 label = Linux read-only EOF lilo -x mbr -b /dev/md0 # -x applies raid-extra-boot option
- keep a copy of '/etc/raidtab' handy if you prefer to use 'raidtools' rather than 'mdadm':
mount /dev/fd0 /mnt/floppy cp /mnt/floppy/raidtab /etc/raidtab umount /dev/fd0
make a boot floppy:
makebootfloppy
Edit root cronjobs to taste ; cron should already be set as follows:
cat > /var/spool/cron/crontabs/root << "EOF" # Run hourly cron jobs at 47 minutes after the hour: 47 * * * * /usr/bin/run-parts /etc/cron.hourly 1> /dev/null # # Run daily cron jobs at 4:40 every day: 40 4 * * * /usr/bin/run-parts /etc/cron.daily 1> /dev/null # # Run weekly cron jobs at 4:30 on the first day of the week: 30 4 * * 0 /usr/bin/run-parts /etc/cron.weekly 1> /dev/null # # Run monthly cron jobs at 4:20 on the first day of the month: 20 4 1 * * /usr/bin/run-parts /etc/cron.monthly 1> /dev/null EOF killall crond /usr/sbin/crond -l10
add a user to collect system logs and alerts :
groupadd servadmin mkdir -p /home/servadmin useradd -s /bin/false -d /home/servadmin -g servadmin -c "server admin" servadmin -M chown servadmin /home/servadmin -R passwd servadmin
/sbin/ifconfig eth0 192.168.0.11 broadcast 192.168.0.255 255.255.255.0